High-Interactive Redis Honeypot with ELK Analytics

Authors

  • Marin Gazvoda de Reggi Univerza v Ljubljani, Fakulteta za računalništvo in informatiko
  • Sara Mihalič University of Ljubljana, Faculty of Computer and Information Science
  • Samo Hribar University of Ljubljana, Faculty of Computer and Information Science
  • Ana Bračić University of Ljubljana, Faculty of Computer and Information Science
  • Matevž Pesek University of Ljubljana, Faculty of Computer and Information Science https://orcid.org/0000-0001-9101-0471

DOI:

https://doi.org/10.31449/upinf.251

Keywords:

cybersecurity, ELK analytics, honeypot, Redis, security threats

Abstract

Redis has become a popular target for cyberattacks due to its widespread use and frequent misconfigurations, creating the need for better understanding and analysis of security threats. This work presents the implementation of a high-interactive Redis honeypot that enables the transparent interception and logging of all connections and commands to a Redis server. The system is based on a proxy server implemented in the Go programming language, which forwards intercepted connections to an internal Redis instance while logging and analysing all interactions in real-time through integration with the ELK stack (Elasticsearch, Logstash, Kibana). The entire solution is implemented as a containerized application using Docker technology. Experimental evaluation demonstrated that the system effectively detects various types of attacks, from simple scanning attempts to sophisticated multi-stage attacks. The developed system represents an important contribution to better understanding Redis server security challenges and demonstrates the utility of honeypots in cybersecurity threat research.

Author Biographies

  • Marin Gazvoda de Reggi, Univerza v Ljubljani, Fakulteta za računalništvo in informatiko

    Marin Gazvoda de Reggi je študent na Fakulteti za računalništvo in informatiko Univerze v Ljubljani. Zanimajo ga področja razvoja programske opreme, kibernetske varnosti in umetne inteligence. Njegovi raziskovalni interesi zajemajo teorijo programskih jezikov in njihovo varnost.

  • Sara Mihalič, University of Ljubljana, Faculty of Computer and Information Science

    Sara Mihalič je študentka na Fakulteti za računalništvo in informatiko Univerze v Ljubljani. Navdušujejo jo področja povezana z digitalno forenziko, algoritmi in umetno inteligenco, najbolj pa jo zanima delo na interdisciplinarnih področjih, ki povezujejo tehnologijo z reševanjem konkretnih družbenih izzivov.

  • Samo Hribar, University of Ljubljana, Faculty of Computer and Information Science

    Samo Hribar je študent na Fakulteti za računalništvo in informatiko Univerze v Ljubljano. Deluje na področju razvoja mobilnih aplikacij, zanima pa ga tudi hitro rastoče področje umetne inteligence. Na raziskovalnem področju ga zanima varnost aplikacij, od nizkonivojskih do spletnih.

  • Ana Bračić, University of Ljubljana, Faculty of Computer and Information Science

    Ana Bračić je študentka na Fakulteti za računalništvo in informatiko Univerze v Ljubljani. Zanimajo jo področja kibernetske varnosti, kriptografije in umetne inteligence. Njeni raziskovalni interesi se osredotočajo na varnostne izzive v digitalnem okolju in uporabo naprednih tehnologij za zagotavljanje varnosti informacijskih sistemov.

  • Matevž Pesek, University of Ljubljana, Faculty of Computer and Information Science

    Matevž Pesek je izredni profesor in raziskovalec na Fakulteti za računalništvo in informatiko Univerze v Ljubljani, kjer je diplomiral (2012) in doktoriral (2018). Od leta 2009 je član Laboratorija za računalniško grafiko in multimedije. Od leta 2024 izvaja predmet Varnost programov.

Downloads

Published

2025-09-25

Issue

Vol. 33 No. 3 (2025): Uporabna informatika

Section

Scientific articles

How to Cite

[1]
2025. High-Interactive Redis Honeypot with ELK Analytics. Applied Informatics. 33, 3 (Sept. 2025). DOI:https://doi.org/10.31449/upinf.251.

Most read articles by the same author(s)